Skip to Content

Privacy & Data

Amended Google Books settlement does little to address privacy risks

/ Andrew McDiarmid

The revised Google Books settlement submitted for Court approval late on Friday still does very little to protect reader privacy. When the settlement was withdrawn for revisions last month, CDT and other advocates proposed that Google use the opportunity to more fully address the privacy risks we had identified in the original settlement—and effectively take privacy concerns off the table. While the amended settlement does include one positive revision on the privacy front, it appears Google for the most part did not take our advice. Reader privacy remains very much on the table.

As many expected, the revisions narrowly address the copyright and antitrust problems raised by the Department of Justice. The affected class of authors and publishers has been reduced; the pricing structures have been made negotiable; and the dispersal of unclaimed funds has been revised. For more explanation and analysis of these changes, see James Grimmelmann’s blog.

On the privacy front, CDT had urged Google to make specific privacy commitments enforceable by the court overseeing the settlement. We believe the settlement should be approved because it promised greatly increased access to books, but also that it should be improved to preserve readers’ right to privacy. Specifically, we recommended that Google set a high standard for disclosure of reader information to law enforcement and to civil litigants (i.e., get a warrant first), that Google use information collected about readers and which books they read only for the narrow purposes laid out in the settlement, and that Google commit not to share personal information with the Books Rights Registry, the organization set up to administer payment to copyright holders.

The revised settlement addresses the last of these recommendations, making a commitment to share only anonymized data with the Registry. Google had previously made such a commitment in its privacy policy, but inclusion in the settlement makes it enforceable. This is a positive step, but it leaves the other concerns untouched. This means that it falls once again to the court to ensure that reader privacy is fully protected as the settlement and the new services it establishes move forward. That’s what CDT will continue to advocate.

Related Reading

Samir Jain Testimony for House Committee. White document on black background.

CDT VP of Policy Samir Jain Testimony Before U.S. House Energy & Commerce Committee on “Legislative Solutions to Protect Kids Online and Ensure Americans’ Data Privacy Rights”
The CDT logo. A light and dark grey "cdt" alongside "Center for Democracy & Technology" on a white background.

Deprecating third-party cookies: a small step towards a more private web
CDT brief, entitled "Unintended Consequences: Consumer Privacy Legislation and Schools." White and blue document on a grey background

Brief – Unintended Consequences: Consumer Privacy Legislation and Schools